Hardcoded credentials

apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism...

The vulnerability of the IKE protocol implementation in Cisco IOS and Cisco IOS XE operating systems allows attackers to gain access to protected information.

The vulnerability of the IKE protocol’s implementation in Cisco IOS and Cisco IOS XE operating systems is related to decoding errors in traffic. Exploiting this vulnerability can allow a malicious actor to gain access to session keys and decode traffic by sending specially crafted data packets to...

The vulnerability of the IKE protocol implementation in ZyXEL USG, ZyXEL USG VPN, ZyWALL, and ZyWALL VPN devices allows attackers to gain access to protected information.

The vulnerability of the IKE protocol in network devices such as ZyXEL USG, ZyXEL USG VPN, ZyWALL, and ZyWALL VPN relates to decoding errors in traffic. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information...

WebRTC - VP8 Block Decoding Use-After-Free Exploit

Exploit for multiple platform in category dos / poc There is a use-after-free in VP8 block decoding in WebRTC. The contents of the freed block is then treated a pointer, leading to a crash in WebRTC. ==20098==ERROR: AddressSanitizer: heap-use-after-free on address 0x6330000a9491 at pc...

Null pointer dereference

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image...

UBUNTU-CVE-2016-9572

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image...

DEBIAN-CVE-2016-9572

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image...

CVE-2016-9572

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image...

WebRTC - VP8 Block Decoding Use-After-Free

WebRTC - VP8 Block Decoding Use-After-Free There is a use-after-free in VP8 block decoding in WebRTC. The contents of the freed block is then treated a pointer, leading to a crash in WebRTC. ==20098==ERROR: AddressSanitizer: heap-use-after-free on address 0x6330000a9491 at pc 0x0000014cde2f bp...

WebRTC - VP8 Block Decoding Use-After-Free

There is a use-after-free in VP8 block decoding in WebRTC. The contents of the freed block is then treated a pointer, leading to a crash in WebRTC. ==20098==ERROR: AddressSanitizer: heap-use-after-free on address 0x6330000a9491 at pc 0x0000014cde2f bp 0x7ff20616d7e0 sp 0x7ff20616d7d8 READ of size...

CVE-2016-8622

CVE-2016-8622 affects curl/libcurl’s URL percent-encoding decode path. The curl_easy_unescape function may allocate a destination buffer larger than 2 GB but store the result length in a signed 32‑bit int, causing length truncation or negative values. This can lead to writing outside the heap. Pu...

CVE-2017-7482

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and...

PT-2018-1525

Name of the Vulnerable Software and Affected Versions Modicon M221 versions prior to V1.6.2.0 Description A Permissions, Privileges, and Access Control issue exists, allowing unauthorized users to decode passwords using a rainbow table. This could enable a remote attacker to exploit the...

Buffer Overflow

libcurl.so is vulnerable to buffer overflows. The application does not properly allocate memory when decoding URL percent-encoding, allowing a malicious user to send a large URL to cause a buffer overflow, crash the application or causing arbitrary code to be executed...

UBUNTU-CVE-2018-13348

The mpatchdecode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001...

PYSEC-2018-90

The mpatchdecode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001...

DEBIAN-CVE-2018-13301

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...

Security Bulletin: IBM Security Access Manager Appliance is affected by a Network Security Services (NSS) vulnerability (CVE-2017-5461)

Summary IBM Security Access Manager Appliance has addressed the following vulnerability in the Network Security Services NSS library. Vulnerability Details CVEID: CVE-2017-5461 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an...

DEBIAN-CVE-2017-5443

An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVE-2017-5443

An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...